Mobile communication terminal, information processing method, data processing program, and recording medium

ABSTRACT

A transmitter cell phone 10 is provided with a controller 11 for fulfilling functions of a data encryptor, a first key encryptor, and an encryption file generator. The data encryptor encrypts data, using a first encryption key. The first key encryptor encrypts the first encryption key, using a second encryption key. The encryption file generator generates an encryption file of the data from the data encrypted by the data encryptor, the first encryption key encrypted by the first key encryptor, and user-specific information permitting identification of a user of the mobile communication terminal.

TECHNICAL FIELD

[0001] The present invention relates to a mobile communication terminal, an information processing method, a data processing program, and a recording medium.

BACKGROUND ART

[0002] In recent years, the development of information communication technologies promoted transmission and reception of data of documents, pictures, etc. through networks such as the Internet. Particularly, in the case of communication terminals such as cell phones, where a user switches a model to another or where a user selectively uses a plurality of communication terminals, data such as information about the user, a telephone directory, etc. is transferred to another communication terminal, for example, upon replacement of UIM (User Identity Module). During the transfer of data, conversion (encryption) of the data according to a predetermined rule is an effective means for preventing unauthorized access to the data or falsification of the data by a third party in the middle of communication.

DISCLOSURE OF THE INVENTION

[0003] However, the conventional techniques as described above had the following problem. Namely, encryption key data (hereinafter referred to as “encryption key”) is used in encryption of the data, but it is also presumable that the encryption of data by the encryption key is not always effective in preventing such irregularities as the unauthorized access to or falsification of data by a third party, because of sophistication of data analysis technologies.

[0004] The present invention has been accomplished in view of the above problem and an object of the invention is to provide a mobile communication terminal, an information processing method, a data processing program, and a recording medium capable of making the analysis of encrypted data difficult and thus securing high confidentiality for data.

[0005] In order to achieve the above object, a mobile communication terminal according to the present invention comprises: data encrypting means for encrypting data (which encompasses a file and/or a program and which can be single data or multiple data) stored in the mobile communication terminal, using a first encryption key; first key encrypting means for encrypting the first encryption key, using a second encryption key; and encryption file generating means for generating an encryption file of the data from the data encrypted by the data encrypting means, the first encryption key encrypted by the first key encrypting means, and user-specific information permitting identification of a user of the mobile communication terminal, for generation of the second encryption key.

[0006] In order to achieve the above object, an information processing method according to the present invention is an information processing method for a mobile communication terminal to process data, the information processing method comprising: a data encryption step of encrypting data, using a first encryption key; a first key encryption step of encrypting the first encryption key, using a second encryption key; and an encryption file generation step of generating an encryption file of the data from the data encrypted in the data encryption step, the first encryption key encrypted in the first key encryption step, and user-specific information permitting identification of a user of the mobile communication terminal, for generation of the second encryption key.

[0007] In order to achieve the above object, a data processing program according to the present invention is a data processing program for letting a computer fulfill: a data encryption function of encrypting data, using a first encryption key; a first key encryption function of encrypting the first encryption key, using a second encryption key; and an encryption file generation function of generating an encryption file of the data from the data encrypted by the data encryption function, the first encryption key encrypted by the first key encryption function, and user-specific information permitting identification of a user of a mobile communication terminal, for generation of the second encryption key.

[0008] According to these aspects of the invention, the encryption file of the data is generated from the data encrypted using the first encryption key, the first encryption key encrypted using the second encryption key, and the user-specific information for generation of the second encryption key. Namely, the encryption file is generated through double encryption processes, so that the analysis of the data is made more difficult than that of encryption files encrypted using a non-encrypted encryption key. This can prevent such irregularities as the unauthorized access to or falsification of the data by a third party in advance. As a result, high confidentiality can be secured for the data. Since the generated encryption file contains the user-specific information permitting identification of the user of the mobile communication terminal, it is at low risk of being decrypted by mobile communication terminals of other users.

[0009] In order to achieve the above object, another potential mobile communication terminal according to the present invention comprises data encrypting means for encrypting data, using a first encryption key; first falsification check data generating means for generating first falsification check data for a falsification check on the encrypted data; additional information encrypting means for encrypting additional information containing the first falsification check data generated by the first falsification check data generating means, using a second encryption key; and encryption file generating means for generating an encryption file of the data from the data encrypted by the data encrypting means, the additional information encrypted by the additional information encrypting means, and second encryption key information containing user-specific information permitting identification of a user of the mobile communication terminal.

[0010] In order to achieve the above object, another potential information processing method according to the present invention is an information processing method for a mobile communication terminal to process data, the information processing method comprising: a data encryption step of encrypting data, using a first encryption key; a first falsification check data generation step of generating first falsification check data for a falsification check on the encrypted data; an additional information encryption step of encrypting additional information containing the first falsification check data generated in the first falsification check data generation step, using a second encryption key; and an encryption file generation step of generating an encryption file of the data from the data encrypted in the data encryption step, the additional information encrypted in the additional information encryption step, and second encryption key information containing user-specific information permitting identification of a user of the mobile communication terminal.

[0011] In order to achieve the above object, another potential data processing program according to the present invention is a data processing program for letting a computer fulfill: a data encryption function of encrypting data, using a first encryption key; a first falsification check data generation function of generating first falsification check data for a falsification check on the encrypted data; an additional information encryption function of encrypting additional information containing the first falsification check data generated by the first falsification check data generation function, using a second encryption key; and an encryption file generation function of generating an encryption file of the data from the data encrypted by the data encryption function, the additional information encrypted by the additional information encryption function, and second encryption key information containing user-specific information permitting identification of a user of a mobile communication terminal.

[0012] According to these aspects of the invention, the encryption file of the data is generated from the data encrypted using the first encryption key, the additional information containing the first falsification check data for a falsification check on the encrypted data, and the user-specific information. Namely, the generated encryption file contains both the encrypted data and the data encrypted after having been converted for the falsification check, which makes the analysis of the data difficult. This can prevent the irregularities such as the unauthorized access to or falsification of the data by a third party. As a result, high confidentiality can be secured for the data. Since the generated encryption file contains the user-specific information permitting identification of the user of the mobile communication terminal, it is at low risk of being decrypted by mobile communication terminals of other users.

[0013] Preferably, the mobile communication terminal according to the present invention further comprises second key generating means for generating the second encryption key, using the second encryption key information.

[0014] Preferably, the information processing method according to the present invention further comprises a second key generation step wherein the mobile communication terminal generates the second encryption key, using the second encryption key information.

[0015] Preferably, the data processing program according to the present invention makes the computer further fulfill a second key generation function of generating the second encryption key, using the second encryption key information.

[0016] According to these aspects of the invention, the second encryption key is generated using the second encryption key information containing the user-specific information permitting the identification of the user of the mobile communication terminal. The additional information containing the falsification check data is encrypted using the second encryption key. Namely, the user-specific information is essential to decryption of the additional information. Accordingly, the encryption file is at low risk of being decrypted by mobile communication terminals of other users, as a matter of course, and the additional information is also at low risk of being decrypted by mobile communication terminals of other users. This secures much higher confidentiality for the data.

[0017] More preferably, the mobile communication terminal according to the present invention is constructed in a configuration wherein the second encryption key information contains identification information for identification of an algorithm used in generation of the second encryption key and wherein the second key generating means generates the second encryption key, using the algorithm identified by the identification information.

[0018] More preferably, the information processing method according to the present invention is configured so that the second encryption key information contains identification information for identification of an algorithm used in generation of the second encryption key and so that the second key generation step comprises a step wherein the mobile communication terminal generates the second encryption key, using the algorithm identified by the identification information.

[0019] More preferably, the data processing program according to the present invention is configured so that the second encryption key information contains identification information for identification of an algorithm used in generation of the second encryption key and so that the second key generating function is arranged to fulfill a function of generating the second encryption key, using the algorithm identified by the identification information.

[0020] According to these aspects of the invention, the second encryption key is generated using the algorithm identified by the identification information included in the second encryption key information. Namely, the mobile communication terminal properly selects the algorithm for generation of the second encryption key, according to a type of the second encryption key information. Accordingly, it becomes more difficult for a third party to specify the algorithm used in the generation of the second encryption key than in the case where the second encryption key is always generated by an identical algorithm, whereby confidentiality can be further enhanced for the data.

[0021] Further preferably, the mobile communication terminal according to the present invention is constructed in a configuration wherein the additional information contains first encryption key information necessary for generation of the first encryption key.

[0022] Further preferably, the information processing method according to the present invention is configured so that the additional information contains first encryption key information necessary for generation of the first encryption key.

[0023] Further preferably, the data processing program according to the present invention is configured so that the additional information contains first encryption key information necessary for generation of the first encryption key.

[0024] According to these aspects of the invention, the additional information encrypted using the second encryption key contains both the falsification check data and the first encryption key information necessary for generation of the first encryption key. Accordingly, it becomes more difficult to decrypt the additional information. As a result, the confidentiality is further enhanced for the data. When the combination of the encryption keys with the encryption key information is used for encryption of data, it becomes feasible to change the intensity of cipher.

[0025] The above was the description of the features about the data encryption technology by the mobile communication terminal as a data transmitter, and the following is the description of the features about the data decryption technology by the mobile communication terminal as a data receiver.

[0026] A mobile communication terminal according to the present invention is a mobile communication terminal for receiving an encryption file from the mobile communication terminal as described above, the receiving mobile communication terminal comprising: acquiring means for acquiring the data encrypted by the data encrypting means, the first encryption key encrypted by the first key encrypting means, and the user-specific information from the encryption file; first key decrypting means for decrypting the first encryption key, using the user-specific information acquired by the acquiring means; and data decrypting means for decrypting the data, using the first encryption key decrypted by the first key decrypting means.

[0027] An information processing method according to the present invention is an information processing method for a mobile communication terminal to decrypt data encrypted by the information processing method as described above, the information processing method for decryption comprising: an acquisition step of acquiring the data encrypted in the data encryption step, the first encryption key encrypted in the first key encryption step, and the user-specific information from the encryption file; a first key decryption step of decrypting the first encryption key, using the user-specific information acquired in the acquisition step; and a data decryption step of decrypting the data, using the first encryption key decrypted in the first key decryption step.

[0028] A data processing program according to the present invention is a data processing program for letting a computer having data encrypted by the functions fulfilled by the data processing program as described above, fulfill: an acquisition function of acquiring the data encrypted by the data encryption function, the first encryption key encrypted by the first key encryption function, and the user-specific information from the encryption file; a first key decryption function of decrypting the first encryption key, using the user-specific information acquired by the acquisition function; and a data decryption function of decrypting the data, using the first encryption key decrypted by the first key decryption function.

[0029] According to these aspects of the invention, the mobile communication terminal of the data receiver decrypts the encryption file of the data generated from the data encrypted using the first encryption key, the first encryption key encrypted using the second encryption key, and the user-specific information. The encryption file is one encrypted so as to make the analysis of data difficult, in order to prevent the irregularities such as the unauthorized access to or falsification of the data by a third party. Accordingly, the data can be transferred with high confidentiality from the transmitter mobile communication terminal to the receiver mobile communication terminal.

[0030] Another mobile communication terminal according to the present invention is a mobile communication terminal for receiving an encryption file from the mobile communication terminal as described above, the receiving mobile communication terminal comprising: data acquiring means for acquiring the data encrypted by the data encrypting means, the additional information encrypted by the additional information encrypting means, and the second encryption key information from the encryption file; second key generating means for generating the second encryption key, using the second encryption key information acquired by the data acquiring means; additional information decrypting means for decrypting the additional information, using the second encryption key generated by the second key generating means; first encryption key information acquiring means for acquiring the first encryption key information and the first falsification check data from the additional information decrypted by the additional information decrypting means; first key generating means for generating the first encryption key, using the first encryption key information acquired by the first encryption key information acquiring means; and data decrypting means for decrypting the data acquired by the data acquiring means, using the first encryption key generated by the first key generating means.

[0031] Another information processing method according to the present invention is an information processing method for a mobile communication terminal to decrypt data encrypted by the information processing method as described above, the information processing method for decryption comprising: a data acquisition step of acquiring the data encrypted in the data encryption step, the additional information encrypted in the additional information encryption step, and the second encryption key information from the encryption file; a second key generation step of generating the second encryption key, using the second encryption key information acquired in the data acquisition step; an additional information decryption step of decrypting the additional information, using the second encryption key generated in the second key generation step; a first encryption key information acquisition step of acquiring the first encryption key information and the first falsification check data from the additional information decrypted in the additional information decryption step; a first key generation step of generating the first encryption key, using the first encryption key information acquired in the first encryption key information acquisition step; and a data decryption step of decrypting the data acquired in the data acquisition step, using the first encryption key generated in the first key generation step.

[0032] Another data processing program according to the present invention is a data processing program for letting a computer having data encrypted by the functions fulfilled by the data processing program as described above, fulfill: a data acquisition function of acquiring the data encrypted by the data encryption function, the additional information encrypted by the additional information encryption function, and the second encryption key information from the encryption file; a second key generation function of generating the second encryption key, using the second encryption key information acquired by the data acquisition function; an additional information decryption function of decrypting the additional information, using the second encryption key generated by the second key generation function; a first encryption key information acquisition function of acquiring the first encryption key information and the first falsification check data from the additional information decrypted by the additional information decryption function; a first key generation function of generating the first encryption key, using the first encryption key information acquired by the first encryption key information acquisition function; and a data decryption function of decrypting the data acquired by the data acquisition function, using the first encryption key generated by the first key generation function.

[0033] According to these aspects of the invention, the mobile communication terminal of the data receiver decrypts the encryption file of the data generated from the data encrypted using the first encryption key, the additional information encrypted using the second encryption key, and the second encryption key information containing the user-specific information. The encryption file is one encrypted so as to make the analysis of data much more difficult, in order to prevent the irregularities such as the unauthorized access to or falsification of the data by a third party. Accordingly, the data can be transferred with much higher confidentiality from the transmitter mobile communication terminal to the receiver mobile communication terminal.

[0034] Preferably, the mobile communication terminal according to the present invention further comprises second falsification check data generating means for generating second falsification check data for a falsification check on the data decrypted by the data decrypting means; and collating means for collating the first falsification check data acquired by the first encryption key information acquiring means, with the second falsification check data generated by the second falsification check data generating means.

[0035] Preferably, the information processing method according to the present invention further comprises a second falsification check data generation step of generating second falsification check data for a falsification check on the data decrypted in the data decryption step; and a collation step of collating the first falsification check data acquired in the first encryption key information acquisition step, with the second falsification check data generated in the second falsification check data generation step.

[0036] Preferably, the data processing program according to the present invention makes the computer further fulfill a second falsification check data generation function of generating second falsification check data for a falsification check on the data decrypted by the data decryption function; and a collation function of collating the first falsification check data acquired by the first encryption key information acquisition function, with the second falsification check data generated by the second falsification check data generation function.

[0037] According to these aspects of the invention, the second falsification check data is generated for determining whether the decrypted data is falsified. The second falsification check data generated is collated with the first falsification check data. When the result of the collation is that the two falsification check data items agree with each other, it is determined that the data as an object for transfer is not falsified. On the other hand, when the two falsification check data items are different from each other, it is determined that the data as an object for transfer can be falsified in the data transfer process. When the mobile communication terminal of the data receiver is configured in this way to determine whether the data is falsified, the user of the mobile communication terminal can readily recognize the validity of the transferred data. For example, where there is a possibility that the data is falsified, use of the data (including reproduction thereof) is prohibited, so as to avoid inconveniences due to use of the falsified data (authentication failure, virus infection, etc.).
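
The following Python sketch is an added illustration, not part of the original specification: it builds the encryption file of paragraphs [0009] to [0024] on the transmitter side and opens it with the collation of [0030] to [0037] on the receiver side. The keystream cipher, the SHA-256 check data computed over the data before encryption, the two key B generation algorithms, the JSON layout and all names are assumptions, since the specification fixes none of them.

```python
import hashlib
import hmac
import json
import secrets


def _cipher(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (assumption): XOR with an HMAC-SHA256
    keystream. The same call encrypts and decrypts."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        pad = hmac.new(key, nonce + block_no.to_bytes(8, "big"),
                       hashlib.sha256).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(b ^ p for b, p in zip(chunk, pad))
    return bytes(out)


# Hypothetical key B generation algorithms, selected by the identification
# information carried in the second encryption key information ([0017]).
KEY_B_ALGORITHMS = {
    1: lambda user_info: hashlib.sha256(b"alg-1|" + user_info).digest(),
    2: lambda user_info: hashlib.pbkdf2_hmac("sha256", user_info, b"alg-2", 10_000),
}


def check_data(data: bytes) -> str:
    """Falsification check data; SHA-256 is an assumed choice of function."""
    return hashlib.sha256(data).hexdigest()


def build_encryption_file(data: bytes, user_info: bytes, alg_id: int) -> bytes:
    """Transmitter side: encrypted data + encrypted additional information
    + second encryption key information, serialised as one file."""
    key_a_info = secrets.token_bytes(16)              # first key information
    key_a = hashlib.sha256(key_a_info).digest()       # first encryption key
    nonce_data, nonce_add = secrets.token_bytes(12), secrets.token_bytes(12)
    additional = json.dumps({"key_a_info": key_a_info.hex(),
                             "check": check_data(data)}).encode()
    key_b = KEY_B_ALGORITHMS[alg_id](user_info)       # second encryption key
    return json.dumps({
        "key_b_info": {"alg_id": alg_id, "user_info": user_info.hex()},
        "nonce_add": nonce_add.hex(),
        "nonce_data": nonce_data.hex(),
        "enc_additional": _cipher(key_b, nonce_add, additional).hex(),
        "enc_data": _cipher(key_a, nonce_data, data).hex(),
    }).encode()


def open_encryption_file(blob: bytes):
    """Receiver side. Returns (data, True) when the two check data items
    agree, and (None, False) when they differ or the file cannot be parsed,
    so that possibly falsified data is never handed to the caller."""
    try:
        f = json.loads(blob)
        info = f["key_b_info"]
        key_b = KEY_B_ALGORITHMS[info["alg_id"]](bytes.fromhex(info["user_info"]))
        # A wrong key B yields garbage here, which fails to parse as JSON.
        additional = json.loads(_cipher(key_b, bytes.fromhex(f["nonce_add"]),
                                        bytes.fromhex(f["enc_additional"])))
        key_a = hashlib.sha256(bytes.fromhex(additional["key_a_info"])).digest()
        data = _cipher(key_a, bytes.fromhex(f["nonce_data"]),
                       bytes.fromhex(f["enc_data"]))
        # Collation of first (stored) and second (recomputed) check data.
        ok = hmac.compare_digest(check_data(data), additional["check"])
    except (ValueError, KeyError, TypeError):
        return None, False
    return (data if ok else None), ok


if __name__ == "__main__":
    # Constructed sample input, not taken from the specification.
    sample = b"telephone directory: Alice 090-0000-0000"
    blob = build_encryption_file(sample, b"constructed-user-id-0001", alg_id=2)
    print(open_encryption_file(blob))
```

As in the scheme described, every input to key B travels inside the file, so the protection of the additional information depends on the key B generation algorithm not being known to a third party.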

[0038] The information processing technology according to the present invention can extensively be carried out when a recording medium which a computer (including the mobile communication terminal) can read and which stores the aforementioned data processing program, is subjected to sale or distribution as a single unit or as an attached product.

[0039] Another potential mobile communication terminal according to the present invention is a mobile communication terminal comprising: data encrypting means for encrypting data, using a first encryption key; third falsification check data generating means for generating third falsification check data for a falsification check on the first encryption key; additional information encrypting means for encrypting additional information containing the third falsification check data generated by the third falsification check data generating means, using a second encryption key; and encryption file generating means for generating an encryption file of the data from the data encrypted by the data encrypting means, the additional information encrypted by the additional information encrypting means, and second encryption key information containing user-specific information permitting identification of a user of the mobile communication terminal.

[0040] Another potential information processing method according to the present invention is an information processing method for a mobile communication terminal to process data, the information processing method comprising: a data encryption step of encrypting data, using a first encryption key; a third falsification check data generation step of generating third falsification check data for a falsification check on the first encryption key; an additional information encryption step of encrypting additional information containing the third falsification check data generated in the third falsification check data generation step, using a second encryption key; and an encryption file generation step of generating an encryption file of the data from the data encrypted in the data encryption step, the additional information encrypted in the additional information encryption step, and second encryption key information containing user-specific information permitting identification of a user of the mobile communication terminal.

[0041] Another potential data processing program according to the present invention is a data processing program for letting a computer fulfill: a data encrypting function of encrypting data, using a first encryption key; a third falsification check data generation function of generating third falsification check data for a falsification check on the first encryption key; an additional information encryption function of encrypting additional information containing the third falsification check data generated by the third falsification check data generation function, using a second encryption key; and an encryption file generation function of generating an encryption file of the data from the data encrypted by the data encryption function, the additional information encrypted by the additional information encryption function, and second encryption key information containing user-specific information permitting identification of a user of a mobile communication terminal.

[0042] According to these aspects of the invention, the encryption file of the data is generated from the data encrypted using the first encryption key, the additional information containing the third falsification check data for the falsification check on the first encryption key, and the user-specific information. Namely, the generated encryption file contains both the encrypted data and the first encryption key encrypted after having been converted for the falsification check, which makes the analysis of data difficult. This can prevent the irregularities such as the unauthorized access to or falsification of the data by a third party in advance. As a result, high confidentiality can be secured for the data. Since the generated encryption file contains the user-specific information permitting the identification of the user of the mobile communication terminal, it is feasible to lower the risk that the encryption file is decrypted by mobile communication terminals of other users.

[0043] In another potential configuration, the encryption file is generated from additional information containing falsification check data for a falsification check on the second encryption key, instead of the first encryption key.

BRIEF DESCRIPTION OF THE DRAWINGS

[0044] FIG. 1 is a schematic illustration showing a whole configuration of a data processing system.

[0045] FIG. 2 is a block diagram showing a functional configuration of a transmitter cell phone.

[0046] FIG. 3 is a diagram showing an internal configuration of memory part of the transmitter cell phone in the first embodiment.

[0047] FIG. 4 is an illustration conceptually showing the flow of data encryption processing executed by the transmitter cell phone in the first embodiment.

[0048] FIG. 5 is an illustration conceptually showing the flow of data decryption processing executed by a receiver cell phone in the first embodiment.

[0049] FIG. 6 is a diagram showing a configuration example of key B related information in the second embodiment.

[0050] FIG. 7 is an illustration conceptually showing the flow of data encryption processing executed by the transmitter cell phone in the second embodiment.

[0051] FIG. 8A is a diagram showing an internal configuration of the memory part of the transmitter cell phone in the third embodiment. FIG. 8B is a diagram showing an internal configuration of the memory part of the receiver cell phone in the third embodiment.

[0052] FIG. 9 is an illustration conceptually showing the flow of data encryption processing executed by the transmitter cell phone in the third embodiment.

[0053] FIG. 10 is an illustration conceptually showing the flow of data encryption processing executed by the transmitter cell phone in a modification of the third embodiment.

[0054] FIG. 11 is an illustration conceptually showing the flow of data decryption processing executed by the receiver cell phone in the third embodiment.

[0055] FIG. 12A is a diagram showing an internal configuration of the memory part of the transmitter cell phone in the fourth embodiment. FIG. 12B is a diagram showing a configuration example of key B related information in the fourth embodiment.

[0056] FIG. 13 is an illustration conceptually showing the flow of data encryption processing executed by the transmitter cell phone in the fourth embodiment.

[0057] FIG. 14 is an illustration conceptually showing the flow of data encryption processing executed by the transmitter cell phone in a modification of the fourth embodiment.

BEST MODES FOR CARRYING OUT THE INVENTION

[0058] (First Embodiment)

[0059] The mobile communication terminal in the first embodiment of the present invention will be described below with reference to FIGS. 1 to 5.

[0060] First, the configuration will be described. FIG. 1 is a schematicillustration showing an example of the whole configuration of dataprocessing system 1 in the present embodiment. As shown in FIG. 1, thedata processing system 1 is generally comprised of transmitter cellphone 10 (corresponding to a mobile communication terminal) and receivercell phone 20 (corresponding to a mobile communication terminal). Thetransmitter cell phone 10 is connected via base station 41 to mobilecommunication network 30 and the receiver cell phone 20 is connected viabase station 42 to mobile communication network 30. The transmitter cellphone 10 and the receiver cell phone 20 are configured to be able totransmit or receive data to or from each other through mobilecommunication network 30. It is assumed in the description of thepresent embodiment hereinafter that one user uses the transmitter cellphone 10 and receiver cell phone 20, envisaging replacement of the UIMupon a switch between models of cell phones, or under such circumstancesthat the user selectively uses a plurality of communication terminals.

[0061] The internal configuration of transmitter cell phone 10 will bedetailed below with reference to FIG. 2. FIG. 2 is a block diagramshowing the functional configuration of transmitter cell phone 10. Asshown in FIG. 2, the transmitter cell phone 10 is composed of controller11 (corresponding to the data encrypting means, first key encryptingmeans, encryption file generating means, first falsification check datagenerating means, additional information encrypting means, and secondkey generating means), input part 12, RAM 13, display part 14, memorypart 15, radio communication part 16 with antenna 16 a, and audioprocessor 17 with microphone 17 a and speaker 17 b, and these parts areconnected through bus 18 so as to be able to implement input/output ofvarious signals.

[0062] The controller 11 retrieves a program stored in the memory part15, into RAM 13 and performs concentrated control over each part inaccordance with the program. Namely, the controller 11 executes theencryption file generation processing including encryption of data as anobject for transfer to the receiver cell phone 20 in accordance with aninput signal from input part 12 and the program retrieved into the RAM13, and temporarily saves the result of the processing into RAM 13. Thenthe controller stores the result of the processing saved in the RAM 13,into a predetermined area inside the memory part 15 as occasion maydemand.

[0063] The input part 12 is constructed with various control buttons forgiving instructions such as ON/OFF of power, selection of functions,etc., and these various control buttons are arranged to be depressedsingly or in combination to output an input signal according to thecontents of instructions to the controller 11.

[0064] The RAM (Random Access Memory) 13 is comprised of a volatilesemiconductor memory and is arranged to temporarily save a program ordata retrieved from memory part 15 described below, in various processesexecuted by the controller 11. The RAM 13 also has the function of VRAM(Video RAM) for temporarily saving data under display in the displaypart 14.

[0065] The display part 14 is comprised of an LCD (Liquid CrystalDisplay), an EL (Electro Luminescence), or the like, and is arranged todisplay displayed data on a screen in accordance with a display signalsupplied from the controller 11.

[0066] The memory part 15 is comprised of a nonvolatile semiconductormemory such as an EEPROM (Electrically Erasable and Programmable ROM) orthe like, and is arranged to store data necessary for execution ofvarious processes, data generated as a result of execution of thevarious processes, and so on.

[0067] As shown in FIG. 3, the memory part 15 internally has data storage area 151 a, key A storage area 151 b, key B storage area 151 c, key B information storage area 151 d, and key B generation algorithm storage area 151 e. The data storage area 151 a stores data as an object for transfer to the receiver cell phone 20, i.e., data to be encrypted. The data embraces a file and/or a program and is, for example, user information (a name and/or a telephone number of the user), a telephone directory, ringing melodies, and so on. The data may be a data group stored in a folder.

[0068] The key A storage area 151 b stores an encryption key (corresponding to the first encryption key) for encryption of data retrieved from data storage area 151 a, as “key A.” The key A may be one that was stored in the key A storage area 151 b, prior to an instruction of encryption of data, or one that is generated in conjunction with an encryption start instruction from the controller 11. The key A can be arbitrarily changed in its setting according to the level of copyright protection and the intensity of encryption for the data to be encrypted.

[0069] The key B storage area 151 c stores another encryption key (corresponding to the second encryption key) for encryption of the key A retrieved from key A storage area 151 b, as “key B.” Data corresponding to user-specific information included in key B information described later can be used as it is (without any change or processing), as key B. For example, where the key B information contains the “telephone number” being one of the user-specific information, numerical data of “09012345678” will be stored in the key B storage area 151 c.

[0070] Data newly generated in conjunction with an encryption start instruction from controller 11 may also be used as key B. Namely, data generated by properly changing or processing the data corresponding to the user-specific information included in the after-described key B information is used as key B. More specifically, where the key B information contains the “telephone number” being one of the user-specific information, the key B will be defined, for example, by numerical data of “090123456780901234567809012345678” being a series of repetitions of “09012345678.” Therefore, this data is stored in the key B storage area 151 c.

[0071] For this reason, the key B stored by either of the above methods comes to reflect the user-specific information. The key B can be arbitrarily changed in its setting according to the level of copyright protection and the intensity of encryption for the data to be encrypted.

[0072] The key B information storage area 151 d stores “key B information” containing at least one user-specific information. The user-specific information is information for indicating what is the substance of the data (key B) as an object for acquisition or the data necessary for generation of key B, and is not such data itself. For example, where the user-specific information is the telephone number, such data will be numerical data of “09012345678” indicated by the user-specific information of “telephone number.” The user-specific information is information permitting identification of the user of transmitter cell phone 10. The user-specific information is preferably information that cannot be rewritten even by the user of transmitter cell phone 10 and is, for example, the telephone number of transmitter cell phone 10, a user ID, a production number of transmitter cell phone 10, an ID of the UIM detachably mounted on transmitter cell phone 10, or the like.

[0073] The key B generation algorithm storage area 151 e stores a key B generation algorithm. The key B generation algorithm is an algorithm for generation of key B, which is used only in the case where the key B is newly generated using the data corresponding to the aforementioned user-specific information. In the case where there exist a plurality of user-specific information items in the key B information, the key B generation algorithm selects some user-specific information items out of the plurality of user-specific information items and uses data corresponding to the selected user-specific information items in the generation of key B.

[0074] The radio communication part 16 performs control on radio communication with base station 41. Specifically, the radio communication part 16 is a circuit having a modulator-demodulator part (not shown) for carrying out modulation and demodulation of signals, and a coder-decoder (not shown) for performing coding and decoding of signals, and is provided with antenna 16 a. The antenna 16 a is telescopically arranged in the upper part of the housing of transmitter cell phone 10 and is used in transmission/reception of radio waves to or from base station 41.

[0075] The audio processor 17 is comprised of a converter, an amplifier, etc. and is provided with microphone 17 a and speaker 17 b. The audio processor 17 converts audio data supplied from controller 11, into an analog signal in the converter (not shown) and emits sound through amplification in the amplifier (not shown) from speaker 17 b during calls. The audio processor 17 also converts an audio signal supplied through microphone 17 a, into a digital signal by the converter and outputs the digital signal to controller 11 during calls.

[0076] Each of the components of transmitter cell phone 10 in the present embodiment has been described above, and the major configuration of receiver cell phone 20 is the same as the configuration of transmitter cell phone 10; therefore, the illustration and detailed description of the configuration are omitted herein. Namely, the receiver cell phone 20 is generally comprised of controller 21 (corresponding to the acquiring means, first key decrypting means, data decrypting means, data acquiring means, second key generating means, additional information decrypting means, first encryption key information acquiring means, first key generating means, second falsification check data generating means, and collating means), input part 22, RAM 23, display part 24, memory part 25, radio communication part 26 with antenna 26 a, and audio processor 27 with microphone 27 a and speaker 27 b. The parts each are connected through bus 28 so as to be able to implement input/output of various signals.

[0077] The operation of transmitter cell phone 10 in the present embodiment will be described below, together with the information processing method according to the present invention. Each of the steps described below is fulfilled by letting controller 11 execute the program stored in the memory part 15 shown in FIG. 2. The operation will be described on the premise that “X×Y” indicates data obtained by encrypting “X” using “Y.” For example, “data×key A” indicates data obtained by encrypting data using key A.

[0078] FIG. 4 is an illustration conceptually showing the flow of the data encryption processing executed by transmitter cell phone 10. First, the controller 11 acquires data as an object for encryption from the data storage area 151 a. Then the controller 11 encrypts the data, using the key A acquired from the key A storage area 151 b (S11). As a result, “data×key A” is generated.

[0079] At S12, the controller 11 acquires or generates the key B. In the case where the controller 11 acquires the key B, the controller 11 acquires the data corresponding to the user-specific information in the key B information from the predetermined area of memory part 15. Thereafter, the above data itself is stored as key B into the key B storage area 151 c. For example, where the user-specific information is the telephone number of the transmitter cell phone 10, the data of “09012345678” will be stored into the key B storage area 151 c.

[0080] In the case where the controller 11 generates the key B, the controller 11 first acquires the key B information from the key B information storage area 151 d. Subsequently, it acquires the key B generation algorithm from the key B generation algorithm storage area 151 e. The controller 11 executes the key B generation algorithm to generate the key B on the basis of the user-specific information included in the above key B information. The generated key B is stored into the key B storage area 151 c. For example, where the user-specific information is the telephone number of transmitter cell phone 10, data of a series of the predetermined number of repetitions of “09012345678” will be stored into the key B storage area 151 c. Upon the storage or after the storage, this key B may be arbitrarily changed according to the level of copyright protection and the intensity of encryption for the data to be encrypted.

[0081] Furthermore, the controller 11 encrypts the key A, using the key B acquired from the key B storage area 151 c (S13). As a result, “key A×key B” is generated.

[0082] Then the controller 11 acquires the key B information from key B information storage area 151 d and combines the data of “data×key A,” “key A×key B,” and key B information (S14). The term “combine” herein means to generate one or more files from a plurality of data items. As a result, an encryption file is generated. The transmitter cell phone 10 transfers the generated encryption file to the receiver cell phone 20. The transfer of the encryption file can be implemented by any transfer method; for example, transmission via a server apparatus, transfer through a recording medium such as the UIM or the like, transfer using short-range radio communication such as IrDA (Infrared Data Association) or Bluetooth (registered trademark), and so on.

[0083] In the transmitter cell phone 10 of the present embodiment, the encryption file is generated from the data encrypted using the key A (data×key A), the key A encrypted using the key B (key A×key B), and the key B information. Namely, the encryption file is generated through double encryption processes, so that the analysis of the data becomes more difficult than that of encryption files generated through encryption using a non-encrypted encryption key. This prevents the irregularities such as the unauthorized access to or falsification of the data by a third party in advance. As a result, high confidentiality can be secured for the data. Since the generated encryption file contains the user-specific information permitting identification of the user of the transmitter cell phone 10, the encryption file is at low risk of being decrypted by other users.

[0084] The following is the description of the operation of receiver cell phone 20 in the present embodiment. Each of the steps described below is fulfilled by letting the controller 21 execute the program stored in the memory part 25. FIG. 5 is an illustration conceptually showing the flow of the data decryption processing executed by the receiver cell phone 20. First, the receiver cell phone 20 acquires the encryption file from transmitter cell phone 10. Subsequently, the controller 21 separates the acquired encryption file into the data of “data×key A,” “key A×key B,” and key B information (T11). The term “separate” herein means to generate a plurality of data items from one or more files.

[0085] Subsequently, the controller 21 acquires the key B generation algorithm from the key B generation algorithm storage area 151 e. Then the controller 21 acquires or generates the key B by the aforementioned method on the basis of the user-specific information in the key B information acquired at T11, using the key B generation algorithm (T12). The controller 21 decrypts “key A×key B,” using this key B (T13). As a consequence, the key A is generated. Then the controller 21 decrypts “data×key A,” using the generated key A (T14). As a result, the data, which was stored in the data storage area 151 a, is restored.

[0086] The receiver cell phone 20 of the present embodiment is configured to decrypt the encryption file of the data generated from the data encrypted using the key A, the key A encrypted using the key B, and the key B information. The encryption file is one encrypted so as to make the analysis of the data difficult, in order to prevent the irregularities such as the unauthorized access to or falsification of the data by a third party. Accordingly, the transfer of data can be implemented with high confidentiality from the transmitter cell phone 10 to the receiver cell phone 20.
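The S11 to S14 and T11 to T14 flows of the first embodiment can be traced in code. The following Python sketch is an added example, not part of the specification: the keystream cipher standing in for “X×Y,” the length-prefixed file layout, the three repetitions used to generate key B, and all function names are assumptions.

```python
import hashlib
import os

# Data a terminal holds that the key B information can name (constructed;
# the number is the one used in the text's example).
TERMINAL_DATA = {"telephone_number": b"09012345678"}


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in for "X×Y": XOR with a SHA-256 counter keystream (assumption;
    the page names no cipher). Applying it twice with one key restores X."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))


def generate_key_b(key_b_info: str, terminal: dict, repetitions: int = 3) -> bytes:
    """S12/T12: look up the item named by the key B information on this
    terminal and repeat it (the repetition count is an assumption)."""
    return terminal[key_b_info] * repetitions


def combine(*fields: bytes) -> bytes:
    """S14 "combine": one file from several items, each with a 4-byte
    big-endian length prefix (assumed layout)."""
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def separate(blob: bytes) -> list:
    """T11 "separate": recover the items, rejecting truncated input."""
    fields, pos = [], 0
    while pos < len(blob):
        if pos + 4 > len(blob):
            raise ValueError("truncated length prefix")
        n = int.from_bytes(blob[pos:pos + 4], "big")
        pos += 4
        if pos + n > len(blob):
            raise ValueError("truncated field")
        fields.append(blob[pos:pos + n])
        pos += n
    return fields


def make_encryption_file(data: bytes, key_a: bytes, key_b_info: str,
                         terminal: dict) -> bytes:
    enc_data = xor_stream(key_a, data)                  # S11: data×key A
    key_b = generate_key_b(key_b_info, terminal)        # S12
    enc_key_a = xor_stream(key_b, key_a)                # S13: key A×key B
    # S14: the file carries the *name* of the item, not the number itself.
    return combine(enc_data, enc_key_a, key_b_info.encode())


def open_encryption_file(blob: bytes, terminal: dict) -> bytes:
    enc_data, enc_key_a, info = separate(blob)          # T11
    key_b = generate_key_b(info.decode(), terminal)     # T12
    key_a = xor_stream(key_b, enc_key_a)                # T13
    return xor_stream(key_a, enc_data)                  # T14


if __name__ == "__main__":
    directory = b"Alice,0312345678\nBob,0398765432\n"   # constructed sample data
    blob = make_encryption_file(directory, os.urandom(16),
                                "telephone_number", TERMINAL_DATA)
    print(open_encryption_file(blob, TERMINAL_DATA) == directory)
    other = {"telephone_number": b"09087654321"}        # another user's terminal
    print(open_encryption_file(blob, other) == directory)
```

The first embodiment carries no falsification check, so a terminal that resolves a different key B gets unusable bytes back rather than an error.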

[0087] (Second Embodiment)

[0088] The mobile communication terminal in the second embodiment of the present invention will be described below with reference to FIGS. 6 and 7. Since the fundamental configuration of the data processing system in the present embodiment is much the same as that of the data processing system 1 in the first embodiment, the same reference symbols will denote the corresponding components, without description thereof, and only differences from the first embodiment will be detailed below.

[0089] The second embodiment is based on a form of generating the key B by changing or processing the data corresponding to the user-specific information. The transmitter cell phone 10 in the second embodiment is different from the transmitter cell phone in the first embodiment in that a plurality of key B generation algorithms are stored in the key B generation algorithm storage area 151 e shown in FIG. 3 and in that a key B generation algorithm is properly selected and used out of those key B generation algorithms.

[0090] FIG. 6 is a diagram showing a configuration example of key B related information 251 stored in the key B information storage area 151 d (cf. FIG. 3). As shown in FIG. 6, the key B related information 251 is configured containing at least header 251 a, key B information 251 b, and key B generation algorithm information 251 c.

[0091] The header 251 a stores information indicating locations of storage of the key B information 251 b and the key B generation algorithm information 251 c. Namely, the controller 11 extracts the key B information 251 b and the key B generation algorithm information 251 c from the key B related information 251 with reference to the header 251 a.

[0092] The key B information 251 b stores “key B information” necessary for generation of the key B (corresponding to the second encryption key). This key B information (corresponding to the second encryption key information) contains at least one user-specific information permitting identification of the user of transmitter cell phone 10. The user-specific information is, for example, the telephone number of transmitter cell phone 10, the user ID, the production number of transmitter cell phone 10, the ID of the UIM, or the like.

[0093] The key B generation algorithm information 251 c stores information for identification of a predetermined key B generation algorithm (corresponding to the identification information) among the plurality of key B generation algorithms stored in the key B generation algorithm storage area 151 e. Namely, the controller 11 selects an algorithm used in generation of the key B, out of the plurality of key B generation algorithms, based on this key B generation algorithm information.

[0094] Furthermore, dummy data not used for encryption is put in areas (areas indicated by “. . . ” in the figure) except for the header 251 a, key B information 251 b, and key B generation algorithm information 251 c. This makes it difficult to extract the key B information 251 b and key B generation algorithm information 251 c, without reference to the header 251 a, and thus enhances the confidentiality of the key B related information. The locations of storage of the key B information 251 b and key B generation algorithm information 251 c can be those arbitrarily changeable, or those fixed.

[0095] The key B generation algorithm storage area 151 e stores a plurality of key B generation algorithms as detailed in the first embodiment.

[0096] The following is the description of the operation of transmitter cell phone 10 in the present embodiment, together with the information processing method according to the present invention. FIG. 7 is a diagram conceptually showing the flow of the data encryption processing executed by the transmitter cell phone 10. The operation of transmitter cell phone 10 in the present embodiment is different in the process of S12.

[0097] At S12, the controller 11 acquires the key B related information 251 from the key B information storage area 151 d. Subsequently, the controller 11 acquires the key B information 251 b and the key B generation algorithm information 251 c with reference to the header 251 a included in the acquired key B related information 251. Furthermore, the controller 11 selects and acquires the key B generation algorithm identified by the key B generation algorithm information 251 c, out of the plurality of key B generation algorithms stored in the key B generation algorithm storage area 151 e. Then the controller 11 generates the key B from the data corresponding to the user-specific information in the key B information acquired from the key B information storage area 151 d, using the key B generation algorithm acquired from the key B generation algorithm storage area 151 e.

[0098] In the transmitter cell phone 10 of the present embodiment, the key B is generated using the algorithm identified by the key B generation algorithm information. Accordingly, the algorithm used is changed according to the key B generation algorithm information. This can further enhance the confidentiality for the data while making it more difficult for a third party to specify the used algorithm than in the case where the key B is always generated using the same algorithm.
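The key B related information 251 and the modified S12 step can be illustrated as follows. This Python sketch is an added example, not part of the specification: the three-byte header layout, the 64-byte record size, the algorithm ids and the function names are assumptions, and the parser bounds-checks every header value before using it.

```python
import os

# Assumed header 251 a: offset of key B information, its length, and the
# offset of the algorithm information, one byte each.
HEADER_LEN = 3

# Hypothetical contents of key B generation algorithm storage area 151 e.
KEY_B_ALGORITHMS = {
    0: lambda d: d,             # use the data as it is
    1: lambda d: d * 3,         # repetition, as in the text's example
    2: lambda d: d[::-1] * 2,   # reversed, then repeated (made up here)
}

# Constructed terminal data; the number is the one used in the text.
TERMINAL_DATA = {"telephone_number": b"09012345678"}


def build_related_info(key_b_info: bytes, alg_id: int, info_off: int,
                       alg_off: int, size: int = 64) -> bytes:
    """Lay out key B related information 251 with dummy data everywhere
    except the header and the two fields it points at."""
    info_end = info_off + len(key_b_info)
    if info_off < HEADER_LEN or info_end > size:
        raise ValueError("key B information does not fit")
    if not HEADER_LEN <= alg_off < size or info_off <= alg_off < info_end:
        raise ValueError("algorithm information misplaced")
    record = bytearray(os.urandom(size))        # dummy data not used for encryption
    record[0:HEADER_LEN] = bytes([info_off, len(key_b_info), alg_off])
    record[info_off:info_end] = key_b_info      # key B information 251 b
    record[alg_off] = alg_id                    # algorithm information 251 c
    return bytes(record)


def parse_related_info(record: bytes):
    """Extract 251 b and 251 c with reference to header 251 a, rejecting
    a header that points outside the record or names no stored algorithm."""
    if len(record) < HEADER_LEN:
        raise ValueError("record shorter than header")
    info_off, info_len, alg_off = record[0], record[1], record[2]
    if info_off < HEADER_LEN or info_off + info_len > len(record):
        raise ValueError("key B information out of bounds")
    if not HEADER_LEN <= alg_off < len(record):
        raise ValueError("algorithm information out of bounds")
    alg_id = record[alg_off]
    if alg_id not in KEY_B_ALGORITHMS:
        raise ValueError("unknown key B generation algorithm")
    return record[info_off:info_off + info_len].decode("ascii"), alg_id


def generate_key_b(record: bytes, terminal: dict) -> bytes:
    """S12 of the second embodiment: select the identified algorithm and
    apply it to the data that the key B information names."""
    info, alg_id = parse_related_info(record)
    if info not in terminal:
        raise KeyError("terminal holds no data for " + info)
    return KEY_B_ALGORITHMS[alg_id](terminal[info])


if __name__ == "__main__":
    record = build_related_info(b"telephone_number", 1, info_off=20, alg_off=50)
    print(parse_related_info(record))
    print(generate_key_b(record, TERMINAL_DATA))
```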

[0099] (Third Embodiment)

[0100] The data processing system in the third embodiment of the present invention will be described below with reference to FIGS. 8 to 11. Since the fundamental configuration of the data processing system in the present embodiment is much the same as that of the data processing system 1 in the first embodiment, the same reference symbols will denote the corresponding components, without description thereof, and only differences from the first embodiment will be detailed below. The data processing system 1 in the present embodiment is different in the internal configurations of memory part 15 of transmitter cell phone 10 and memory part 25 of receiver cell phone 20 from the data processing system 1 in the first embodiment.

[0101] Namely, as shown in FIG. 8A, the memory part 15 internally has data storage area 152 a, key A information storage area 152 b, key A generation algorithm storage area 152 c, falsification check algorithm storage area 152 d, data list storage area 152 e, key B information storage area 152 f, and key B generation algorithm storage area 152 g.

[0102] The data storage area 152 a stores data as an object for transfer to receiver cell phone 20, i.e., data as an object for encryption. The data embraces a file and/or a program and is, for example, the user information (the name and/or the telephone number of the user), the telephone directory, the ringing melodies, or the like. The data may be a data group stored in a folder.

[0103] The key A information storage area 152 b stores “key A information” necessary for generation of the key A (corresponding to the first encryption key). This key A information (corresponding to the first encryption key information) can be any information, for example, such as the telephone number of transmitter cell phone 10, the user ID, the production number of transmitter cell phone 10, a time, a random number, or the like, but it is desirable to use information different from after-described key B information in view of the difficulty in the analysis of data.

[0104] The key A generation algorithm storage area 152 c stores “key A generation algorithm” which is an algorithm for generation of the key A, using the key A information.

[0105] The falsification check algorithm storage area 152 d stores a falsification check algorithm which is an algorithm for generation of falsification check data 1 (corresponding to the first falsification check data) from the data retrieved from data storage area 152 a. The falsification check algorithm is, for example, a hash function and, more specifically, is one of MD (Message Digest) 2, MD4, MD5, SHA (Secure Hash Algorithm)-1, and so on.

[0106] In the case where the data is stored in a folder, the data list storage area 152 e stores as “data list” a list of information (a name, an identification number, etc.) for identification of the data stored in the folder.

[0107] The key B information storage area 152 f stores the “key B information” necessary for generation of the key B (corresponding to the second encryption key). This key B information (corresponding to the second encryption key information) contains at least one user-specific information permitting identification of the user of the transmitter cell phone 10. The user-specific information is information that cannot be rewritten even by the user of the transmitter cell phone 10 and is, for example, the telephone number of transmitter cell phone 10, the user ID, the production number of transmitter cell phone 10, the ID of the UIM, or the like.

[0108] The key B generation algorithm storage area 152 g stores the “key B generation algorithm” which is an algorithm for generation of the key B using the key B information.

[0109] As shown in FIG. 8B, the memory part 25 internally has key B generation algorithm storage area 252 a, key A generation algorithm storage area 252 b, and falsification check algorithm storage area 252 c.

[0110] The key B generation algorithm storage area 252 a stores the “key B generation algorithm” which is an algorithm for generation of the key B using the key B information.

[0111] The key A generation algorithm storage area 252 b stores the “key A generation algorithm” which is an algorithm for generation of the key A using the key A information.

[0112] The falsification check algorithm storage area 252 c stores the falsification check algorithm which is an algorithm for generation of falsification check data 2 (corresponding to the second falsification check data) from decrypted data. The falsification check algorithm is, for example, a hash function and, more specifically, it is one of MD (Message Digest) 2, MD4, MD5, SHA (Secure Hash Algorithm)-1, and so on.

[0113] The operation of transmitter cell phone 10 in the present embodiment will be described below, together with the information processing method according to the present invention. Each of the steps described below is fulfilled by letting the controller 11 execute the program stored in the memory part 15 shown in FIG. 2.

[0114] FIG. 9 is a diagram conceptually showing the flow of the data encryption processing executed by the transmitter cell phone 10. First, the controller 11 acquires the key A information from the key A information storage area 152 b. The controller 11 also acquires the key A generation algorithm from the key A generation algorithm storage area 152 c. Then the controller 11 generates the key A from the key A information acquired from the key A information storage area 152 b, using the key A generation algorithm acquired from the key A generation algorithm storage area 152 c (S21). Upon the generation or after the generation, this key A may be arbitrarily changed according to the level of copyright protection and the intensity of encryption for the data to be encrypted.

[0115] Subsequently, the controller 11 acquires data as an object for encryption from the data storage area 152 a. Then the controller 11 encrypts the data, using the key A generated at S21 (S22). As a result, “data×key A” is generated.

[0116] On the other hand, the controller 11 acquires the falsification check algorithm from the falsification check algorithm storage area 152 d and generates the falsification check data 1 from the data acquired from the data storage area 152 a, using the falsification check algorithm (S23). For example, where the falsification check algorithm is a hash function, the falsification check data 1 will correspond to the hash value.

[0117] The controller 11 combines the data items of falsification check data 1 generated at S23, the data list acquired from the data list storage area 152 e, and the key A information acquired from the key A information storage area 152 b (S24). The term “combine” herein means to generate one or more files from a plurality of data items. This results in generating additional information containing the falsification check data 1, the data list, and the key A information.

[0118] Subsequently, the controller 11 acquires the key B information from key B information storage area 152 f. The controller 11 also acquires the key B generation algorithm from the key B generation algorithm storage area 152 g. Then the controller 11 generates the key B from the key B information acquired from the key B information storage area 152 f, using the key B generation algorithm acquired from the key B generation algorithm storage area 152 g (S25). Upon the generation or after the generation, this key B may be arbitrarily changed according to the level of copyright protection and the intensity of encryption for the data to be encrypted.

[0119] Then the controller 11 encrypts the additional information generated at S24, using the key B generated at S25 (S26). As a result, “additional information×key B” is generated.

[0120] Thereafter, the controller 11 acquires the key B information from the key B information storage area 152 f and combines the data items of “data×key A,” “additional information×key B,” and key B information (S27). As a result, an encryption file is generated. The transmitter cell phone 10 transfers the generated encryption file to receiver cell phone 20. The transfer of the encryption file can be implemented by any transfer method; for example, transmission via a server apparatus, transfer through a recording medium such as the UIM or the like, short-range radio communication such as IrDA (Infrared Data Association) or Bluetooth (registered trademark), and so on.

[0121] The controller 11 may be configured at S26 to extract the data list from the additional information and encrypt only the additional information except for the data list. In this case, the data list is attached in a non-encrypted state to the additional information and thereafter is incorporated into the encryption file. This decreases the load on the transmitter cell phone 10 due to the data encryption processing. It also decreases the volume of data of the encryption file and thus saves the free space of memory part 15.

[0122] In the transmitter cell phone 10 of the present embodiment, the encryption file is generated from the data encrypted using the key A, the additional information containing the falsification check data 1 for the falsification check on the data, and the key B information. Namely, the generated encryption file contains both the encrypted data and the data encrypted after having been converted for the falsification check, which makes the analysis of data difficult. As a result, higher confidentiality is secured for the data. Since the generated encryption file contains the key B information containing the information permitting identification of the user of the transmitter cell phone 10, it is at low risk of being decrypted by other users.

[0123] In the transmitter cell phone 10 of the present embodiment, the key B is generated using the key B information containing the information permitting identification of the user of the transmitter cell phone 10. The additional information containing the falsification check data 1 is encrypted using the key B. Namely, the information permitting the identification of the user is essential to decryption of the additional information. Accordingly, the encryption file is at low risk of being decrypted by other users, as a matter of course, and the additional information is also at low risk of being decrypted by other users. This permits much higher confidentiality to be secured for the data.
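The S21 to S27 flow of the third embodiment, with the receiver's reverse steps and the collation of falsification check data that controller 21 performs, can be traced in code. This Python sketch is an added example, not part of the specification: the keystream cipher, the hash-based key generation algorithms, the JSON form of the additional information, the dictionary standing in for the encryption file, and the use of SHA-256 in place of the MD and SHA-1 functions the text lists are all assumptions.

```python
import hashlib
import json

# Constructed terminal data; the number is the one used in the text.
TERMINAL_DATA = {"telephone_number": b"09012345678"}


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in for "X×Y": XOR with a SHA-256 counter keystream (assumption)."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))


def generate_key(label: bytes, info: bytes) -> bytes:
    """Hypothetical key A / key B generation algorithm: hash of the input."""
    return hashlib.sha256(label + info).digest()


def falsification_check(data: bytes) -> str:
    """Falsification check algorithm: a hash function (SHA-256 here)."""
    return hashlib.sha256(data).hexdigest()


def make_encryption_file(data: bytes, data_list: list, key_a_info: str,
                         key_b_info: str, terminal: dict) -> dict:
    key_a = generate_key(b"A", key_a_info.encode())                # S21
    enc_data = xor_stream(key_a, data)                             # S22
    check1 = falsification_check(data)                             # S23
    additional = json.dumps({"check": check1, "list": data_list,
                             "key_a_info": key_a_info}).encode()   # S24
    key_b = generate_key(b"B", terminal[key_b_info])               # S25
    enc_additional = xor_stream(key_b, additional)                 # S26
    return {"data": enc_data, "additional": enc_additional,
            "key_b_info": key_b_info}                              # S27


def open_encryption_file(enc_file: dict, terminal: dict) -> bytes:
    key_b = generate_key(b"B", terminal[enc_file["key_b_info"]])   # T21, T22
    try:
        additional = json.loads(xor_stream(key_b, enc_file["additional"]))  # T23
        check1 = additional["check"]                               # T24
        key_a = generate_key(b"A", additional["key_a_info"].encode())  # T25
    except (ValueError, KeyError, TypeError, AttributeError):
        raise ValueError("additional information did not decrypt") from None
    data = xor_stream(key_a, enc_file["data"])
    # Collation: falsification check data 2, generated from the decrypted
    # data, must equal falsification check data 1 from the file.
    if falsification_check(data) != check1:
        raise ValueError("falsification detected")
    return data


if __name__ == "__main__":
    directory = b"Alice,0312345678\nBob,0398765432\n"   # constructed sample data
    f = make_encryption_file(directory, ["directory.csv"], "20030115-7f3a",
                             "telephone_number", TERMINAL_DATA)
    print(open_encryption_file(f, TERMINAL_DATA) == directory)
    tampered = dict(f, data=bytes([f["data"][0] ^ 1]) + f["data"][1:])
    try:
        open_encryption_file(tampered, TERMINAL_DATA)
    except ValueError as exc:
        print(exc)
```

Because the stand-in cipher is a plain XOR, a single flipped ciphertext bit flips the same plaintext bit, and the collation of the two check values is what reports it.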

[0124] Here FIG. 10 is a diagram conceptually showing the flow of dataencryption processing in a modification of the third embodiment. In thethird embodiment, the target for the falsification check by thefalsification check algorithm was the data as an object for encryption.However, as shown in FIG. 10, the key A generated at S21 can be used asa target for the falsification check, or the key B generated at S25 canbe used as a target for the falsification check. This results ingenerating falsification check data 3 (corresponding to the thirdfalsification check data) through conversion of key A or key B for thefalsification check.

[0125] The key A or key B is normally lower in volume than the aforementioned data, and thus makes the falsification check easier. Accordingly, the processing load due to the falsification check is reduced on the transmitter cell phone 10. Since the falsification check data generated from the key A or the key B, which has a lower volume than the above data, also has a lower volume, it can save the free space of memory part 15. This form is suitably applicable particularly to cases that do not require so high a security level for data transfer.

[0126] The following is the description of the operation of receiver cell phone 20 in the present embodiment. Each of the steps described below is fulfilled by letting the controller 21 execute the program stored in the memory part 25. FIG. 11 is a diagram conceptually showing the flow of the data decryption processing executed by receiver cell phone 20. First, the receiver cell phone 20 acquires the encryption file from the transmitter cell phone 10. Subsequently, the controller 21 separates the acquired encryption file into the data items of key B information, “additional information×key B,” and “data×key A” to acquire them (T21).

[0127] Thereafter, the controller 21 acquires the key B generation algorithm from the key B generation algorithm storage area 252 a. Then the controller 21 generates the key B from the key B information acquired at T21, using the key B generation algorithm acquired from the key B generation algorithm storage area 252 a (T22).

[0128] Then the controller 21 decrypts “additional information×key B” acquired at T21, using the key B generated at T22 (T23). As a result, the additional information, which was encrypted at S26 in FIG. 9, is restored. The controller 21 separates the additional information into the data items of the falsification check data 1, the data list, and the key A information to acquire them (T24).

[0129] The controller 21 acquires the key A generation algorithm from the key A generation algorithm storage area 252 b. Then the controller 21 generates the key A from the key A information acquired at T24, using the key A generation algorithm acquired from the key A generation algorithm storage area 252 b (T25).

[0130] Then the controller 21 decrypts “data×key A” acquired at T26, using the key A generated at T25 (T26). As a result, the data encrypted by transmitter cell phone 10 is restored.

[0131] The receiver cell phone 20 in the present embodiment decrypts the encryption file of the data generated from the data encrypted using the key A, the additional information encrypted using the key B, and the key B information containing the user-specific information. The encryption file is one encrypted so as to make the analysis of data much more difficult, in order to prevent the irregularities such as the unauthorized access to or falsification of the data by a third party. Accordingly, the data transfer can be implemented with much higher confidentiality from the transmitter cell phone 10 to the receiver cell phone 20.

[0132] Furthermore, the receiver cell phone 20 in the present embodiment performs the processing described below, for judging the identity between decrypted data and encrypted data. Namely, the controller 21 acquires the falsification check algorithm from the falsification check algorithm storage area 252 c. The controller 21 generates falsification check data 2 from the data decrypted at T26, using the acquired falsification check algorithm (T27). For example, where the falsification check algorithm is a hash function, the falsification check data 2 will correspond to the hash value.

[0133] Finally, the controller 21 compares and collates the falsification check data 1 acquired from the additional information at T24, with the falsification check data 2 generated at T27 to determine the identity of the falsification check data. When the result of the comparison collation is that the two falsification check data items agree with each other, the controller 21 determines that no falsification is made on the data as an object for transfer. On the other hand, when the two falsification check data items disagree, the controller 21 determines that there is a possibility that the data as an object for transfer is falsified during the data transfer process.

[0134] When the receiver cell phone 20 is configured to determine the presence or absence of falsification on the data in this way, the user of the receiver cell phone 20 is allowed to readily recognize the validity of transferred data. For example, if there is a possibility that the data is falsified, use of the data (including reproduction thereof) will be prohibited, so as to circumvent the inconveniences (authentication failure, virus infection, etc.) due to use of the falsified data.
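The receiver flow T21 to T27 and the collation of [0133], together with the transmitter side that produces the file, shown as an added example that is not part of the patent text. The patent names no concrete algorithms, so the SHA-256 key generation and falsification check, the XOR keystream standing in for the cipher, the length-prefixed field layout, and all function names are assumptions.

```python
import hashlib
import hmac
import struct

# Assumed stand-ins: the page fixes no key generation, cipher or check algorithm.
def generate_key(label, key_info):
    """Key generation algorithm: derive a 32-byte key from key information."""
    return hashlib.sha256(label + b"|" + key_info).digest()

def falsification_check(data):
    """Falsification check algorithm: a hash function, as [0132] suggests."""
    return hashlib.sha256(data).digest()

def stream_xor(key, data):
    """Placeholder cipher (XOR with a SHA-256 counter keystream); encrypt == decrypt."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + struct.pack(">Q", i // 32)).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def pack(*fields):
    """Length-prefixed concatenation so the receiver can separate the items."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)

def unpack(blob, count):
    """Split exactly `count` length-prefixed fields; reject malformed input."""
    fields, pos = [], 0
    for _ in range(count):
        if pos + 4 > len(blob):
            raise ValueError("truncated length field")
        (size,) = struct.unpack_from(">I", blob, pos)
        pos += 4
        if pos + size > len(blob):
            raise ValueError("field runs past end of input")
        fields.append(blob[pos:pos + size])
        pos += size
    if pos != len(blob):
        raise ValueError("trailing bytes")
    return fields

def build_encryption_file(data, data_list, key_a_info, key_b_info):
    """Transmitter: key B information + additional info x key B + data x key A."""
    key_a = generate_key(b"A", key_a_info)
    enc_data = stream_xor(key_a, data)
    check1 = falsification_check(data)                 # falsification check data 1
    additional = pack(check1, data_list, key_a_info)   # additional information
    key_b = generate_key(b"B", key_b_info)
    return pack(key_b_info, stream_xor(key_b, additional), enc_data)

def open_encryption_file(enc_file):
    """Receiver, T21-T27. Returns (data, data_list, verified)."""
    try:
        key_b_info, enc_additional, enc_data = unpack(enc_file, 3)  # T21
        key_b = generate_key(b"B", key_b_info)                      # T22
        additional = stream_xor(key_b, enc_additional)              # T23
        check1, data_list, key_a_info = unpack(additional, 3)       # T24
    except ValueError:
        return None, None, False
    key_a = generate_key(b"A", key_a_info)                          # T25
    data = stream_xor(key_a, enc_data)                              # T26
    check2 = falsification_check(data)                              # T27
    # Collation of check data 1 and 2; constant-time compare is a defensive choice.
    if not hmac.compare_digest(check1, check2):
        return None, None, False   # use of possibly falsified data is prohibited
    return data, data_list, True

# Constructed sample values, not taken from the patent.
SAMPLE_DATA = b"ALICE;090-0000-0001\nBOB;090-0000-0002\n"
SAMPLE_FILE = build_encryption_file(
    SAMPLE_DATA, b"phonebook.dat", b"constructed-key-a-info", b"tel:09000000000")

if __name__ == "__main__":
    print(open_encryption_file(SAMPLE_FILE))
    flipped = SAMPLE_FILE[:-1] + bytes([SAMPLE_FILE[-1] ^ 0x01])
    print(open_encryption_file(flipped))
```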

[0135] (Fourth Embodiment)

[0136] The fourth embodiment of the present invention will be described below with reference to FIGS. 12 to 14. Since the configuration of the data processing system in the present embodiment is much the same as the configuration of data processing system 1 in the third embodiment, the same reference symbols will denote the corresponding components, without description thereof, and only differences from the third embodiment will be detailed below. The data processing system 1 of the present embodiment is different in the internal configuration of memory part 15 in the transmitter cell phone 10 from the data processing system 1 of the third embodiment.

[0137] Namely, as shown in FIG. 12A, the memory part 15 internally has data storage area 153 a, key A information storage area 153 b, key A generation algorithm storage area 153 c, falsification check algorithm storage area 153 d, data list storage area 153 e, key B information storage area 153 f, key B generation algorithm storage area 153 g, and falsification check algorithm information storage area 153 h.

[0138] The present embodiment will be described as to the falsification check algorithm information storage area 153 h, which is the structural difference from the memory part 15 in the third embodiment. The falsification check algorithm information storage area 153 h stores information for identification of falsification check algorithms. Namely, the falsification check algorithm storage area 153 d stores a plurality of falsification check algorithms, and the controller 11 selects an algorithm to be used in a falsification check, based on the falsification check algorithm information, out of the plurality of falsification check algorithms.

[0139] FIG. 12B is a diagram showing a configuration example of key B related information 154 stored in the key B information storage area 153 f. As shown in FIG. 12B, the key B related information 154 is constructed containing at least header 154 a, key B information 154 b, and key B generation algorithm information 154 c.

[0140] The header 154 a stores information indicating locations of storage of the key B information 154 b and the key B generation algorithm information 154 c. Namely, the controller 11 extracts the key B information 154 b and the key B generation algorithm information 154 c from the key B related information 154 with reference to the header 154 a.

[0141] The key B information 154 b stores “key B information” necessary for generation of key B (corresponding to the second encryption key). This key B information (corresponding to the second encryption key information) contains at least one item of user-specific information permitting identification of the user of transmitter cell phone 10. The user-specific information is, for example, the telephone number of transmitter cell phone 10, the user ID, the production number of transmitter cell phone 10, the ID of the UIM, or the like.

[0142] The key B generation algorithm information 154 c stores information (corresponding to the identification information) for identification of the predetermined key B generation algorithm among the plurality of key B generation algorithms stored in the key B generation algorithm storage area 153 g. Namely, the controller 11 selects an algorithm used in generation of key B out of the plurality of key B generation algorithms, based on the key B generation algorithm information.

[0143] Furthermore, dummy data not used in encryption is put in the areas other than the header 154 a, key B information 154 b, and key B generation algorithm information 154 c (i.e., in the areas indicated by “. . .” in the figure). This makes it difficult to extract the key B information 154 b and the key B generation algorithm information 154 c without reference to header 154 a, and thus enhances the confidentiality of the key B related information. The storage locations of the key B information 154 b and key B generation algorithm information 154 c may be arbitrarily changeable or fixed.

[0144] The above described the configuration of key B related information 154 stored in the key B information storage area 153 f, and in the present embodiment the key A related information of a configuration similar to that of the key B related information 154 is also stored in the key A information storage area 153 b.
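The key B related information of FIG. 12B (header, key B information, key B generation algorithm information, dummy data elsewhere) and the selection of a generation algorithm by its identifier, shown as an added example that is not part of the patent text. The 64-byte size, the three-byte header at offset 0, the one-byte algorithm identifier, the two registered algorithms, and all names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct

BLOB_SIZE = 64                  # assumed size of the key related information
HEADER = struct.Struct(">BBB")  # assumed header: info offset, info length, algorithm offset

# Assumed table of key generation algorithms, indexed by identification information.
KEY_GENERATION_ALGORITHMS = {
    0x01: lambda info: hashlib.sha256(info).digest(),
    0x02: lambda info: hmac.new(b"constructed-label", info, hashlib.sha256).digest(),
}

def _check_layout(info_off, info_len, alg_off):
    """Reject header values that point outside the blob or overlap each other."""
    if info_len == 0 or info_off < HEADER.size or info_off + info_len > BLOB_SIZE:
        raise ValueError("key information location out of range")
    if alg_off < HEADER.size or alg_off >= BLOB_SIZE:
        raise ValueError("algorithm information location out of range")
    if info_off <= alg_off < info_off + info_len:
        raise ValueError("algorithm information overlaps key information")

def build_key_related_info(key_info, alg_id, info_off, alg_off):
    """Place header, key information and algorithm id; everything else is dummy data."""
    _check_layout(info_off, len(key_info), alg_off)
    blob = bytearray(os.urandom(BLOB_SIZE))          # dummy data not used in encryption
    HEADER.pack_into(blob, 0, info_off, len(key_info), alg_off)
    blob[info_off:info_off + len(key_info)] = key_info
    blob[alg_off] = alg_id
    return bytes(blob)

def parse_key_related_info(blob):
    """Extract key information and algorithm id with reference to the header."""
    if len(blob) != BLOB_SIZE:
        raise ValueError("unexpected key related information size")
    info_off, info_len, alg_off = HEADER.unpack_from(blob, 0)
    _check_layout(info_off, info_len, alg_off)
    return blob[info_off:info_off + info_len], blob[alg_off]

def derive_key(blob):
    """Select the algorithm named by the identifier and generate the key.

    An unknown identifier fails closed instead of falling back to a default.
    """
    key_info, alg_id = parse_key_related_info(blob)
    try:
        algorithm = KEY_GENERATION_ALGORITHMS[alg_id]
    except KeyError:
        raise ValueError("unknown key generation algorithm id: %#04x" % alg_id)
    return algorithm(key_info)

# Constructed user-specific information (a telephone number), not from the patent.
SAMPLE_KEY_INFO = b"tel:09000000000"

if __name__ == "__main__":
    sample = build_key_related_info(SAMPLE_KEY_INFO, 0x02, 20, 50)
    print(parse_key_related_info(sample), derive_key(sample).hex())
```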

[0145] The operation of transmitter cell phone 10 in the present embodiment will be described below. FIG. 13 is a diagram conceptually showing the flow of the data encryption processing executed by the transmitter cell phone 10. The operation of transmitter cell phone 10 in the present embodiment is much the same in the major part as that of the transmitter cell phone 10 detailed in the third embodiment. Namely, S31-S37 shown in FIG. 13 correspond to S21-S27 shown in FIG. 9. The following is the description of S31, S33, S34, and S35, which are processes different from those in the third embodiment.

[0146] At S31, the controller 11 first acquires the key A related information from the key A information storage area 153 b. Subsequently, the controller 11 acquires the key A information and key A generation algorithm information with reference to the header included in the acquired key A related information. Furthermore, the controller 11 selects and acquires the key A generation algorithm identified by the key A generation algorithm information, out of the plurality of key A generation algorithms stored in the key A generation algorithm storage area 153 c, based on the key A generation algorithm information. Then the controller 11 generates the key A from the key A information acquired from the key A information storage area 153 b, using the key A generation algorithm acquired from the key A generation algorithm storage area 153 c.

[0147] At S33, the controller 11 acquires the falsification check algorithm information from the falsification check algorithm information storage area 153 h. Subsequently, the controller 11 selects and acquires the falsification check algorithm identified by the falsification check algorithm information, out of the plurality of falsification check algorithms stored in the falsification check algorithm storage area 153 d, based on the acquired falsification check algorithm information. Then the controller 11 generates falsification check data from the data acquired from the data storage area 153 a, using the acquired falsification check algorithm.

[0148] At S34, the controller 11 combines the data items of the falsification check data 1 generated at S33, the data list acquired from the data list storage area 153 e, the key A information acquired from the key A information storage area 153 b, and the falsification check algorithm information acquired at S33. This results in generating additional information containing the falsification check data 1, the data list, the key A information, and the falsification check algorithm information.

[0149] Furthermore, at S35, the controller performs a process similar to S31 about the key B related information. Namely, the controller 11 acquires the key B related information from the key B information storage area 153 f. Subsequently, the controller 11 acquires the key B information and the key B generation algorithm information with reference to the header included in the acquired key B related information. Furthermore, the controller 11 selects and acquires the key B generation algorithm identified by the key B generation algorithm information, out of the plurality of key B generation algorithms stored in the key B generation algorithm storage area 153 g, based on the key B generation algorithm information. Then the controller 11 generates the key B from the key B information acquired from the key B information storage area 153 f, using the key B generation algorithm acquired from the key B generation algorithm storage area 153 g.

[0150] S36 may be configured so that the controller 11 extracts the data list from the additional information and encrypts only the additional information except for the data list. In this case, the data list is attached in a non-encrypted state to the additional information and thereafter incorporated into the encryption file. This reduces the load on the transmitter cell phone 10 due to the data encryption processing. It also decreases the data volume of the encryption file and thus saves the free space of memory part 15.

[0151] In the transmitter cell phone 10 of the present embodiment, the key A is generated using the algorithm identified by the identification information included in the key A information. Similarly, the key B is generated using the algorithm identified by the identification information included in the key B information. The data is converted into the falsification check data, using the algorithm identified by the falsification check algorithm information. Accordingly, the used algorithms are changed according to the types of the key A information, key B information, and falsification check algorithm information. This makes it more difficult for a third party to specify the used algorithms, and further enhances the confidentiality for the data, as compared with the case where the key A, key B, and falsification check data are always generated using the same algorithms.

[0152] Here FIG. 14 is a diagram conceptually showing the flow of data encryption processing in a modification of the fourth embodiment. In the fourth embodiment the target for the falsification check by the selected falsification check algorithm was the data as an object for encryption. However, as shown in FIG. 14, the key A generated at S31 may be defined as a target for the falsification check, or the key B generated at S35 may be defined as a target for the falsification check. This results in generating falsification check data 3 through conversion of the key A or the key B for the falsification check.

[0153] The key A or the key B is normally lower in volume than the above data and thus makes the falsification check easier. Accordingly, this configuration decreases the processing load on the transmitter cell phone 10 due to the falsification check. Since the falsification check data generated from the key A or the key B, which has a lower volume than the above data, also has a low volume, the free space of memory part 15 can be saved. This configuration is suitably applicable particularly to cases that do not require so high a security level during transfer of data.

[0154] The forms described in the above embodiments are just preferred examples of the data processing system according to the present invention, and it is noted that the present invention is by no means intended to be limited to these forms. For example, it was described in each of the above embodiments that the encryption key and the decryption key were the same key (private key cryptography), but they may be different keys (public key cryptography).

[0155] Lastly, the below will describe a data processing program according to the present invention, and a computer-readable recording medium (hereinafter simply referred to as “recording medium”) containing a record of the program. Here the recording medium is a medium that can induce states of change of energy such as magnetism, light, electricity, or the like in accordance with the description contents of the data processing program against a reading device provided as a hardware resource in a general-purpose computer or the like and that can transmit the description contents of the data processing program in the format of signals corresponding to the change states to the reading device. Such recording media include, for example, media detachably mounted on computers (including cell phones, PHSs, etc.) like IC cards such as the UIM or the like, magnetic disks, optical disks, and magneto-optical disks, and also include HDs (Hard Disks) fixedly incorporated in the computers, nonvolatile semiconductor memories of firmware or the like integrally secured, and so on.

[0156] The data processing program according to the present invention may be configured so that part or all thereof is transmitted through a transmission medium such as a communication line or the like from another device to be received and recorded by the radio communication part 16 or the radio communication part 26. Conversely, the data processing program according to the present invention may also be configured to be transmitted through the transmission medium and be installed in another device.

Industrial Applicability

[0157] In the mobile communication terminal, information processing method, data processing program, and recording medium according to the present invention, the encryption file of data is generated from the data encrypted using the first encryption key, the first encryption key encrypted using the second encryption key, and the user-specific information. Namely, the encryption file is generated through the double encryption processes and this makes the analysis of the data more difficult than that of encryption files encrypted using a non-encrypted encryption key. This can prevent the irregularities such as the unauthorized access to or falsification of the data by a third party in advance. As a result, high confidentiality can be secured for the data. Since the generated encryption file contains the user-specific information permitting identification of the user of the mobile communication terminal, the encryption file is at low risk of being decrypted by mobile communication terminals of other users.

1. A mobile communication terminal comprising: data encrypting means for encrypting data stored in the mobile communication terminal, using a first encryption key; first key encrypting means for encrypting the first encryption key, using a second encryption key; and encryption file generating means for generating an encryption file of the data from the data encrypted by the data encrypting means, the first encryption key encrypted by the first key encrypting means, and user-specific information permitting identification of a user of the mobile communication terminal, for generation of the second encryption key.

2. A mobile communication terminal comprising: data encrypting means for encrypting data, using a first encryption key; first falsification check data generating means for generating first falsification check data for a falsification check on the encrypted data; additional information encrypting means for encrypting additional information containing the first falsification check data generated by the first falsification check data generating means, using a second encryption key; and encryption file generating means for generating an encryption file of the data from the data encrypted by the data encrypting means, the additional information encrypted by the additional information encrypting means, and second encryption key information containing user-specific information permitting identification of a user of the mobile communication terminal.

3. The mobile communication terminal according to claim 2, further comprising second key generating means for generating the second encryption key, using the second encryption key information.

4. The mobile communication terminal according to claim 3, wherein the second encryption key information contains identification information for identification of an algorithm used in generation of the second encryption key, and wherein the second key generating means generates the second encryption key, using the algorithm identified by the identification information.

5. The mobile communication terminal according to claim 2, wherein the additional information contains first encryption key information necessary for generation of the first encryption key.

6. A mobile communication terminal for receiving an encryption file from the mobile communication terminal as set forth in claim 1, said receiving mobile communication terminal comprising: acquiring means for acquiring the data encrypted by the data encrypting means, the first encryption key encrypted by the first key encrypting means, and the user-specific information from the encryption file; first key decrypting means for decrypting the first encryption key, using the user-specific information acquired by the acquiring means; and data decrypting means for decrypting the data, using the first encryption key decrypted by the first key decrypting means.

7. A mobile communication terminal for receiving an encryption file from the mobile communication terminal as set forth in claim 5, said receiving mobile communication terminal comprising: data acquiring means for acquiring the data encrypted by the data encrypting means, the additional information encrypted by the additional information encrypting means, and the second encryption key information from the encryption file; second key generating means for generating the second encryption key, using the second encryption key information acquired by the data acquiring means; additional information decrypting means for decrypting the additional information, using the second encryption key generated by the second key generating means; first encryption key information acquiring means for acquiring the first encryption key information and the first falsification check data from the additional information decrypted by the additional information decrypting means; first key generating means for generating the first encryption key, using the first encryption key information acquired by the first encryption key information acquiring means; and data decrypting means for decrypting the data acquired by the data acquiring means, using the first encryption key generated by the first key generating means.

8. The mobile communication terminal according to claim 7, further comprising: second falsification check data generating means for generating second falsification check data for a falsification check on the data decrypted by the data decrypting means; and collating means for collating the first falsification check data acquired by the first encryption key information acquiring means, with the second falsification check data generated by the second falsification check data generating means.

9. An information processing method for a mobile communication terminal to process data, said information processing method comprising: a data encryption step of encrypting data, using a first encryption key; a first key encryption step of encrypting the first encryption key, using a second encryption key; and an encryption file generation step of generating an encryption file of the data from the data encrypted in the data encryption step, the first encryption key encrypted in the first key encryption step, and user-specific information permitting identification of a user of the mobile communication terminal, for generation of the second encryption key.

10. An information processing method for a mobile communication terminal to process data, said information processing method comprising: a data encryption step of encrypting data, using a first encryption key; a first falsification check data generation step of generating first falsification check data for a falsification check on the encrypted data; an additional information encryption step of encrypting additional information containing the first falsification check data generated in the first falsification check data generation step, using a second encryption key; and an encryption file generation step of generating an encryption file of the data from the data encrypted in the data encryption step, the additional information encrypted in the additional information encryption step, and second encryption key information containing user-specific information permitting identification of a user of the mobile communication terminal.

11. An information processing method for a mobile communication terminal to decrypt data encrypted by the information processing method as set forth in claim 9, said information processing method for decryption comprising: an acquisition step of acquiring the data encrypted in the data encryption step, the first encryption key encrypted in the first key encryption step, and the user-specific information from the encryption file; a first key decryption step of decrypting the first encryption key, using the user-specific information acquired in the acquisition step; and a data decryption step of decrypting the data, using the first encryption key decrypted in the first key decryption step.

12. An information processing method for a mobile communication terminal to decrypt data encrypted by the information processing method as set forth in claim 10, said information processing method for decryption comprising: a data acquisition step of acquiring the data encrypted in the data encryption step, the additional information encrypted in the additional information encryption step, and the second encryption key information from the encryption file; a second key generation step of generating the second encryption key, using the second encryption key information acquired in the data acquisition step; an additional information decryption step of decrypting the additional information, using the second encryption key generated in the second key generation step; a first encryption key information acquisition step of acquiring the first encryption key information and the first falsification check data from the additional information decrypted in the additional information decryption step; a first key generation step of generating the first encryption key, using the first encryption key information acquired in the first encryption key information acquisition step; and a data decryption step of decrypting the data acquired in the data acquisition step, using the first encryption key generated in the first key generation step.

13. A data processing program for letting a computer fulfill: a data encryption function of encrypting data, using a first encryption key; a first key encryption function of encrypting the first encryption key, using a second encryption key; and an encryption file generation function of generating an encryption file of the data from the data encrypted by the data encryption function, the first encryption key encrypted by the first key encryption function, and user-specific information permitting identification of a user of a mobile communication terminal, for generation of the second encryption key.

14. A data processing program for letting a computer fulfill: a data encryption function of encrypting data, using a first encryption key; a first falsification check data generation function of generating first falsification check data for a falsification check on the encrypted data; an additional information encryption function of encrypting additional information containing the first falsification check data generated by the first falsification check data generation function, using a second encryption key; and an encryption file generation function of generating an encryption file of the data from the data encrypted by the data encryption function, the additional information encrypted by the additional information encryption function, and second encryption key information containing user-specific information permitting identification of a user of a mobile communication terminal.

15. A data processing program for letting a computer having data encrypted by the functions fulfilled by the data processing program as set forth in claim 13, fulfill: an acquisition function of acquiring the data encrypted by the data encryption function, the first encryption key encrypted by the first key encryption function, and the user-specific information from the encryption file; a first key decryption function of decrypting the first encryption key, using the user-specific information acquired by the acquisition function; and a data decryption function of decrypting the data, using the first encryption key decrypted by the first key decryption function.

16. A data processing program for letting a computer having data encrypted by the functions fulfilled by the data processing program as set forth in claim 14, fulfill: a data acquisition function of acquiring the data encrypted by the data encryption function, the additional information encrypted by the additional information encryption function, and the second encryption key information from the encryption file; a second key generation function of generating the second encryption key, using the second encryption key information acquired by the data acquisition function; an additional information decryption function of decrypting the additional information, using the second encryption key generated by the second key generation function; a first encryption key information acquisition function of acquiring the first encryption key information and the first falsification check data from the additional information decrypted by the additional information decryption function; a first key generation function of generating the first encryption key, using the first encryption key information acquired by the first encryption key information acquisition function; and a data decryption function of decrypting the data acquired by the data acquisition function, using the first encryption key generated by the first key generation function.

17. A computer-readable recording medium storing the data processing program as set forth in claim 13.

18. A mobile communication terminal comprising: data encrypting means for encrypting data, using a first encryption key; third falsification check data generating means for generating third falsification check data for a falsification check on the first encryption key; additional information encrypting means for encrypting additional information containing the third falsification check data generated by the third falsification check data generating means, using a second encryption key; and encryption file generating means for generating an encryption file of the data from the data encrypted by the data encrypting means, the additional information encrypted by the additional information encrypting means, and second encryption key information containing user-specific information permitting identification of a user of the mobile communication terminal.

19. An information processing method for a mobile communication terminal to process data, said information processing method comprising: a data encryption step of encrypting data, using a first encryption key; a third falsification check data generation step of generating third falsification check data for a falsification check on the first encryption key; an additional information encryption step of encrypting additional information containing the third falsification check data generated in the third falsification check data generation step, using a second encryption key; and an encryption file generation step of generating an encryption file of the data from the data encrypted in the data encryption step, the additional information encrypted in the additional information encryption step, and second encryption key information containing user-specific information permitting identification of a user of the mobile communication terminal.

20. A data processing program for letting a computer fulfill: a data encrypting function of encrypting data, using a first encryption key; a third falsification check data generation function of generating third falsification check data for a falsification check on the first encryption key; an additional information encryption function of encrypting additional information containing the third falsification check data generated by the third falsification check data generation function, using a second encryption key; and an encryption file generation function of generating an encryption file of the data from the data encrypted by the data encryption function, the additional information encrypted by the additional information encryption function, and second encryption key information containing user-specific information permitting identification of a user of a mobile communication terminal.